Employees at Missouri-based Children's Mercy Hospital fell victim to a phishing attack that compromised the personal information of more than 60,000 patients.
The incident was identified on December 2, 2017, and the passwords for the compromised email accounts were promptly reset.
Separate email accounts were also affected on December 15 and 16, and again the passwords were reset. Additional unauthorized access occurred to another email account on January 3, 2018.
An investigation later revealed that four of the five affected email mailboxes were downloaded by unauthorized individuals.
Affected data included patient names, medical record numbers, dates of medical treatment, diagnoses, and other medical information.
Adam Levin, Founder of CyberScout and author of "Swiped" says, "The hack attack on Children's Mercy Hospital is yet another example of how medical institutions are prime targets for cybercriminals, because they store a treasure trove of PHI or protected healthcare information. The healthcare industry needs to be on high alert for phishing attacks, where one wrong click could expose patients to medical identity theft, where a fraudster could obtain healthcare insurance in a patient's name and actually gain access to treatment. Those affected should check their explanation of benefits statements for any suspicious activity and check to see if their SSN was compromised. Your SSN is the skeleton key to your life and once compromised, you will be looking over your shoulder for the rest of your life."
Adam K. Levin is a consumer advocate with more than 30 years of experience and is a nationally recognized expert on cybersecurity, privacy, identity theft, fraud, and personal finance. A former Director of the New Jersey Division of Consumer Affairs, Mr. Levin is Chairman and founder of CyberScout and co-founder of Credit.com. Adam Levin is the author of Amazon Best Selling Book Swiped: How to Protect Yourself in a World Full of Scammers, Phishers and Identity Thieves.
No comments:
Post a Comment